Executive Summary
| Information | | | |
|---|---|---|---|
| Name | MDVSA-2009:308 | First vendor publication | 2009-12-03 |
| Vendor | Mandriva | Last vendor modification | 2009-12-03 |
| Severity (vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v2
| CVSS vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) | | | |
|---|---|---|---|
| CVSS base score | 7.5 | Attack range | Network |
| CVSS impact score | 6.4 | Attack complexity | Low |
| CVSS exploit score | 10 | Authentication | None required |
Detail
Multiple vulnerabilities have been found and corrected in gnutls.

gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid. This is related to the lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup (CVE-2009-1417).

libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) or Subject Alternative Name (SAN) field of an X.509 certificate, which could allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority (CVE-2009-2730).

Packages for 2008.0 are being provided due to extended support for Corporate products. This update fixes these vulnerabilities.
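The two checks the advisory describes, as an added illustration that is not GnuTLS's own code nor the vendor's fix: a hostname comparison that treats the DER-encoded CN/SAN as a C string (the bug class behind CVE-2009-2730) next to a length-aware comparison that rejects embedded NULs, and the notBefore/notAfter window check that gnutls-cli omitted (CVE-2009-1417). The crafted name `www.bank.example\0.attacker.example`, the hostnames, the 2009 validity window and the function names are all constructed for this example; the advisory does not say how GnuTLS's internals implement either check.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

/* Case-insensitive comparison of exactly n bytes (DNS names are ASCII and
 * case-insensitive). Unlike strcmp-style calls it never stops at a NUL. */
static bool eq_nocase(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return false;
    return true;
}

/* VULNERABLE pattern (illustration, not GnuTLS's code): the name is copied out
 * of the DER structure and handled as a C string. strlen() stops at the first
 * NUL, so for "www.bank.example\0.attacker.example" only the first 16 bytes
 * are compared and the attacker-controlled tail is never looked at. */
static bool match_host_cstring(const uint8_t *name, size_t name_len, const char *host)
{
    char buf[256];
    size_t k = name_len < sizeof buf - 1 ? name_len : sizeof buf - 1;
    memcpy(buf, name, k);
    buf[k] = '\0';
    size_t blen = strlen(buf);          /* 16 for the crafted CN, not 34 */
    return blen == strlen(host) && eq_nocase(buf, host, blen);
}

/* HARDENED comparison: honour the DER-encoded length, reject any embedded NUL
 * outright, and allow a wildcard to cover exactly one leftmost label. */
static bool match_host_safe(const uint8_t *name, size_t name_len, const char *host)
{
    const char *n = (const char *)name;
    size_t hlen = strlen(host);

    if (name_len == 0 || memchr(name, '\0', name_len) != NULL)
        return false;                   /* a NUL inside a DNS name is never legitimate */

    if (name_len > 2 && n[0] == '*' && n[1] == '.') {
        const char *dot = strchr(host, '.');
        if (dot == NULL || dot == host)
            return false;               /* host needs a non-empty label before the suffix */
        size_t suffix_len = name_len - 1;           /* ".bank.example" */
        if (suffix_len != hlen - (size_t)(dot - host))
            return false;
        return eq_nocase(n + 1, dot, suffix_len);
    }
    return name_len == hlen && eq_nocase(n, host, hlen);
}

/* The activation/expiration check that gnutls-cli before 2.6.6 skipped
 * (CVE-2009-1417): a certificate is acceptable only inside its validity window. */
enum time_status { TIME_OK = 0, TIME_NOT_YET_VALID = 1, TIME_EXPIRED = 2 };

static enum time_status check_validity_window(time_t not_before, time_t not_after, time_t now)
{
    if (now < not_before) return TIME_NOT_YET_VALID;
    if (now > not_after)  return TIME_EXPIRED;
    return TIME_OK;
}

int main(void)
{
    /* Constructed sample CN: a CA that only validates the part after the NUL
     * (attacker.example) might sign this. The DER length is 34, not 16. */
    static const uint8_t evil[] = "www.bank.example\0.attacker.example";
    size_t evil_len = sizeof evil - 1;

    printf("C-string match (vulnerable): %d\n", match_host_cstring(evil, evil_len, "www.bank.example"));
    printf("length-aware match:          %d\n", match_host_safe(evil, evil_len, "www.bank.example"));
    printf("wildcard *.bank.example:     %d\n",
           match_host_safe((const uint8_t *)"*.bank.example", 14, "www.bank.example"));

    /* Constructed validity window: 2009-01-01T00:00:00Z .. 2009-12-31T23:59:59Z */
    printf("status on 2010-01-01: %d (2 = expired)\n",
           check_validity_window(1230768000, 1262303999, 1262304000));
    return 0;
}
```

The point of carrying the explicit `name_len` through is that ASN.1 strings are length-delimited and may legally contain 0x00; any code path that converts them to a C string before matching inherits the truncation, whether the consumer is Exim, OpenLDAP or libsoup. The validity-window check is deliberately separate from name matching: a certificate with the right name but outside its window must still be rejected.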
Original Source
Url: http://www.mandriva.com/security/advisories?name=MDVSA-2009:308
CWE : Common Weakness Enumeration
| id | Name |
|---|---|
| CWE-310 | Cryptographic Issues |
OVAL Definitions
| Definition Id | oval:org.mitre.oval:def:8409 |
|---|---|
| Title | VMware GnuTLS vulnerability |
| Description | libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. |
| Family | unix |
| Class | vulnerability |
| Reference(s) | CVE-2009-2730 |
| Version | 2 |
| Platform(s) | VMWare ESX Server 4 |

| Definition Id | oval:org.mitre.oval:def:10778 |
|---|---|
| Title | libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. |
| Description | Same text as the title. |
| Family | unix |
| Class | vulnerability |
| Reference(s) | CVE-2009-2730 |
| Version | 5 |
| Platform(s) | Red Hat Enterprise Linux 4; CentOS Linux 4; Oracle Linux 4; Red Hat Enterprise Linux 5; CentOS Linux 5; Oracle Linux 5 |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 56960 | GnuTLS libgnutls X.509 Certificate Multiple Fields NULL Character Spoofing SS... |
| 54625 | GnuTLS libgnutls_x509 gnutls-cli lib/x509/verify.c _gnutls_x509_verify_certif... |